What the Strava App Revelation Says about Our Current State of Data Privacy

Data privacy comes in many different shapes and sizes. But the recent conundrum surrounding the fitness app Strava and its location tracking highlights the delicate balance devices play in our daily lives.

Like many exercise apps, Strava tracks its users’ workouts, building what’s called a global “heat map” that displays where users walk, jog, and run while the app is in use. After a few months, Strava built a database of more than three trillion GPS data points that collectively cover more than 5% of the globe.

The problem? Since many American military service members use the app, the heat map inadvertently displays the location of overseas military bases — including hidden or little-known ones and the movements of personnel. Security analysts examining Strava data even discovered that military supply and logistics routes could also be revealed.

How? Because each individual user checked a box to accept the app’s privacy policy, sharing data with Strava itself, with friends connected to the app, and with the public at large. Many device users may even allow their wide array of apps to access location services even when apps that need such data are not in use, creating a public record of nearly all movements to go along with the gold mine of data saved by web browsers and social media.

So what does the Strava dust-up tell us about data privacy? At this point, we can no longer assume that such privacy can be dealt with one user at a time through a system of what the New York Times calls “individualized informed consent.”

Data privacy is unfortunately not protected like many other consumer rights. Today’s tech companies consider it their first order of business to collect and store as much data as possible, which means the general public must shift their thought of data privacy from a process to be shored up when bad things happen to a regular consideration of do’s and don’ts.

As such, CMIT Solutions collected the following list of five basic strategies to immediately enhance the privacy of your data and your online presence. These don’t serve as the be-all, end-all of cybersecurity — but they do serve as a first step in the right direction. If you want to know more about protecting your business and your personal interests, contact CMIT Solutions today.

1. Remember that what you post can last a lifetime.

We live in a world that thrives on oversharing and too much information. But just because everybody else is doing it doesn’t mean you have to jump in, too. Consider how your future self (and those important to you) might perceive what you’re posting in the present.

2. Be wary of any offer that sounds too good to be true.

Whether it arrives in an email from a legitimate-sounding address, or pops up on your favorite website, remember that all it takes is one click on a malicious link, one accidental opening of an infected attachment, or one piece of personal information shared on the wrong website to compromise the security of your entire company and allow cybercriminals easy access to your data.

3. Strengthen passwords and utilize two-factor authentication.

Make sure you regularly change your logins to strong, unique phrases that are at least eight characters long and mix upper- and lower-case numbers, letters, and symbols, as these are a necessity for online security. Also, activate two-factor authentication, which requires a password and an automated security code sent to you via text or email, on any website or service that employs it.

4. Take responsibility for your online presence.

Sure, it’s a hassle to manually set the privacy and security settings on the Internet services you frequent and the array of devices you use on a daily basis. But those settings often represent your first line of defense against bad actors looking to steal your data. Click here for the NCSA’s handy guide to a plethora of security settings.

5. Follow the golden rule when posting or sharing online.

Remember that when you share a post, photo, or video on social media or anywhere else online, you might also be revealing information about others. Think ahead before you hit Send or OK and employ the golden rule: post only about others as you’d have them post about you.

In this digital age, your data and your online presence are incredibly valuable. Why not treat it with the attention and care it deserves by taking privacy seriously? For more cybersecurity strategies that protect your business while worrying about IT challenges so you don’t have to, contact CMIT Solutions today.